AVG-2508 log

Package libjxl
Status Fixed
Severity Medium
Type multiple issues
Affected 0.6-1
Fixed 0.6.1-1
Current 0.10.2-1 [extra]
Ticket None
Created Mon Nov 1 14:36:39 2021
Issue Severity Remote Type Description
CVE-2021-22564 Medium Yes Arbitrary code execution
In libxjl before version 0.6.1, for certain valid JPEG XL images with a size slightly larger than an integer number of groups (256x256 pixels) when...
CVE-2021-22563 Medium Yes Information disclosure
Invalid JPEG XL images using libjxl before version 0.6.1 can cause an out of bounds access on a std::vector<std::vector<T>> when rendering splines. The OOB...